Configuring Message-Level Security 2-75

2.16.4 WS-Security 1.1 Username and X509 Token Policies

The following policies support the Username Token or X.509 Token specifications of WS-Security 1.1: Wssp1.2-Wss1.0-Userna meToken-Digest-X509-Ba sic256.xml Username token with digested password is sent in the request for authentication. The encryption method is Basic256. Wssp1.2-Wss1.0-Userna meToken-Digest-X509-Tri pleDesRsa15.xml Username token with digested password is sent in the request for authentication. The encryption method is TripleDes. Wssp1.2-Wss1.0-X509-Ba sic256.xml Mutual Authentication with X.509 Certificates. The message is signed and encrypted on both request and response. The algorithm of Basic256 should be used for both sides. Wssp1.2-Wss1.0-X509-Tri pleDesRsa15.xml Mutual Authentication with X.509 Certificates and message is signed and encrypted on both request and response. The algorithm of TripleDes should be used for both sides Wssp1.2-Wss1.0-X509-En cryptRequest-SignRespo nse.xml This policy is used where only the server has X.509v3 certificates and public-private key pairs. The request is encrypted and the response is signed. Table 2–8 WS-Security 1.1 Username and X509 Token Policies Policy File Description Wssp1.2-2007-Wss1.1-X5 09-Basic256.xml WSS 1.1 X509 with asymmetric binding. Wssp1.2-2007-Wss1.1-Us ernameToken-Digest-X50 9-Basic256.xml WSS 1.1 X509 with asymmetric binding and authentication with digested Username Token. Wssp1.2-2007-Wss1.1-Us ernameToken-Plain-X509 -Basic256.xml WSS 1.1 X509 with asymmetric binding and authentication with plain-text Username Token. Wssp1.2-2007-Wss1.1-En cryptedKey-X509-Signed Endorsing.xml WSS 1.1 X509 with symmetric binding and protected by signed endorsing supporting token. Wssp1.2-2007-Wss1.1-Us ernameToken-Digest-Enc ryptedKey.xml WSS 1.1 X509 with symmetric binding and authentication with digested Username Token. Wssp1.2-2007-Wss1.1-Us ernameToken-Plain-Encr yptedKey.xml WSS 1.1 X509 with symmetric binding and authentication with plain-text Username Token. Wssp1.2-2007-Wss1.1-DK -X509-SignedEndorsing.x ml WSS 1.1 X509 with derived key symmetric binding and protected by signed endorsing supporting token. Wssp1.2-2007-Wss1.1-Us ernameToken-Digest-DK. xml WSS 1.1 X509 with derived key symmetric binding and authentication with digested Username Token. Wssp1.2-2007-Wss1.1-Us ernameToken-Plain-DK.x ml WSS 1.1 X509 with derived key symmetric binding and authentication with plain-text Username Token. Table 2–7 Cont. WS-Security 1.0 Policies Policy File Description 2-76 Securing WebLogic Web Services for Oracle WebLogic Server

2.16.5 WS-SecureConversation Policies